Category: Honeypots

Executive Summary: Internet of Things (IoT) botnets commonly propagate by exploiting vulnerabilities in IoT devices. Telemetry from our IoT honeypots shows the number of exploit attempts originating from bots continues to increase. The vulnerabilities they leverage are old, but clearly not obsolete. The most common […]

Executive Summary: Attackers have recently begun launching CoAP reflection/amplification DDoS attacks. CoAP is a protocol primarily used today by mobile phones in China, but its use is expected to grow with the explosion of Internet of Things (IoT) devices. As with any reflection/amplification attack, attackers begin by scanning for abusable […]

Executive Summary: Internet of Things (IoT) botnet authors are adapting to a shift toward more secure IoT devices, which has diverted attackers’ focus to exploiting vulnerabilities in IoT devices, either to supplement brute-forcing factory default passwords or completely supplant it. As IoT device security is […]

Executive Summary: Botmasters have taken the lessons from developing Internet of Things (IoT) malware and shifted their focus to targeting commodity Linux servers. Like many IoT devices, unpatched Linux servers linger on the network, and are being abused at scale by attackers sending exploits to […]

I’ve been watching this for a couple of weeks now, I saw some initial requests to look at some data to discover what they may be after. I’ve seen some data about known attack vectors, but I haven’t seen what may be going on with […]

We stumbled across a set of links recently via the MITRE Honeyclient, which we feed our spam URLs to. A handful of URLs that have been spammed out were triggered as malicious. Analysis shows that they are roughly the same basic injected code. WARNING — […]

Recently a couple of news reports have come in that suggest that someone has changed how they do SSH brute force attacks: Spike in failed SSH logins could be beginnings of a coordinated attack, ISC says from the TechTarget blogs on October 22. Distributed SSH […]

While I’ve seen and heard random spatterings about why AV isn’t effective, or analyst reports from the likes of Yankee declaring “AV is Dead”, there’s been very little qualitative or quantitative study on precisely why. Well, beyond the endless flurry of new malware families and […]

ASERT

Arbor’s Security Engineering & Response Team (ASERT) delivers world-class network security research and analysis for the benefit of today’s enterprise and network operators. ASERT engineers and researchers are part of an elite group of institutions that are referred to as ‘super remediators’ and represent the best in information security. ASERT has both visibility and remediation capabilities at nearly every tier one operator and a majority of service provider networks globally.

ASERT shares operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) and with thousands of network operators via in-band security content feeds. ASERT also operates the world’s largest distributed honeynet, actively monitoring Internet threats around the clock and around the globe.

Arbor Networks has collaborated with Jigsaw (formerly Google Ideas) to create a data visualization that shows how Distributed Denial of Service (DDoS) attacks have become a global problem. The data is updated daily from Arbor’s global network of sensors and can be viewed at www.digitalattackmap.com